include("functions.php4");
include("forum_template.php4");
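// Open the database connection that every action in this script relies on.
// NOTE(review): the driver's error text is handed to UhOh(); if that helper
// displays it to the visitor it can reveal host or account details. Confirm
// that it is logged rather than shown.
if (!mysql_connect($db_Hostname, $db_UserName, $db_Password)) {
    UhOh("Can't Connect to Database: ".mysql_error());
}
// Selecting the schema can fail independently of connecting (missing database,
// missing privilege). Report it here rather than letting every later query
// fail with a less obvious error.
if (!mysql_select_db($db_Database)) {
    UhOh("Can't Connect to Database: ".mysql_error());
}
// Forum-wide settings; later code reads $fSettings["ScriptURL"] and
// $fSettings["Email"].
$fSettings = GetSettings();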
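/**
 * Create a new account from the submitted registration form.
 *
 * Reads the form fields from globals, validates them with ParseRegForm(),
 * HTML-encodes the text fields (the globals are updated in place, as before)
 * and inserts one row into t_users. Prints a confirmation on success and
 * passes the driver error to UhOh() on failure.
 *
 * Security notes:
 *  - Every value placed in the INSERT goes through mysql_real_escape_string().
 *    htmlspecialchars() is an output encoder: in its default mode on old PHP
 *    it leaves single quotes alone, and $timezone previously reached the query
 *    with no processing at all.
 *  - NOTE(review): the password is written to t_users as submitted (only
 *    HTML-encoded) and SendPassword() later mails it back, so it is stored
 *    recoverably. Moving to a salted one-way hash needs CheckPassword(), the
 *    login cookie and the lost-password flow changed together.
 */
function AddMember()
{
    global $username,$password,$email,$homepage,$icqnumber,$aolhandle,$yahoohandle,$signature,$savepass,$timezone;

    $username = trim($username);
    ParseRegForm();
    $CurrentTime = time();

    // Keep the submitted signature: the global is still run through
    // addslashes() below (unchanged side effect), while the query uses a
    // driver-escaped copy so the stored text is the same as before.
    $rawSignature = $signature;

    $username = htmlspecialchars($username);
    $password = htmlspecialchars($password);
    $email = htmlspecialchars($email);
    $homepage = htmlspecialchars($homepage);
    $icqnumber = htmlspecialchars($icqnumber);
    $aolhandle = htmlspecialchars($aolhandle);
    $yahoohandle = htmlspecialchars($yahoohandle);
    $signature = addslashes($signature);
    $savepass = htmlspecialchars($savepass);

    // When magic_quotes_gpc has already slash-escaped request data, undo that
    // first so the driver escaping below does not store doubled backslashes.
    // Either way the value is always escaped before it reaches the query.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sql = array(
        'username' => $username,
        'password' => $password,
        'email' => $email,
        'homepage' => $homepage,
        'icqnumber' => $icqnumber,
        'yahoohandle' => $yahoohandle,
        'aolhandle' => $aolhandle,
        'savepass' => $savepass,
        'timezone' => $timezone
    );
    foreach ($sql as $field => $value) {
        if ($magicQuotes) {
            $value = stripslashes($value);
        }
        $sql[$field] = mysql_real_escape_string($value);
    }
    $sql['signature'] = mysql_real_escape_string($rawSignature);

    $query = "INSERT INTO t_users (UserName,Password,Email,Homepage,ICQNumber,YahooHandle,AOLHandle,Signature,NumPost,RegDate,SavePass,timezone) ";
    $query .= "VALUES('".$sql['username']."','".$sql['password']."','".$sql['email']."','".$sql['homepage']."','"
        .$sql['icqnumber']."','".$sql['yahoohandle']."','".$sql['aolhandle']."','".$sql['signature']."',0,'"
        .$CurrentTime."','".$sql['savepass']."','".$sql['timezone']."')";

    $result = mysql_query($query);
    if ($result) {
        echo "Registration completed sucessfully";
    } else {
        UhOh(mysql_error());
    }
}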
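/**
 * Validate the registration form held in globals.
 *
 * Each failed check reports the matching $txt message through UhOh(). The
 * checks cover required fields, matching passwords, length limits, e-mail
 * syntax, HasSpecialChar() on username and password, and uniqueness of the
 * username and e-mail address in t_users.
 *
 * Changes from the previous version:
 *  - The e-mail pattern is matched with preg_match() instead of eregi(). The
 *    ereg family is not binary-safe, so a NUL byte could hide the rest of the
 *    value from the check. The pattern itself is unchanged; the D modifier
 *    keeps "$" from matching before a trailing newline.
 *  - Values used in the uniqueness queries are escaped with
 *    mysql_real_escape_string(), so the queries stay well-formed even if a
 *    value gets past the checks above (for instance if UhOh() returns).
 *  - A failed query is reported instead of being read as "not taken".
 *
 * NOTE(review): the pattern accepts only 2-3 letter top-level domains, and
 * passwords are capped at 15 characters with HasSpecialChar() applied. Both
 * limits are kept as they were; confirm they are still wanted.
 */
function ParseRegForm()
{
    global $username,$password,$password2,$email,$txt;

    if ($username == "") {UhOh($txt['errNoUsername']);}
    if ($password == "") {UhOh($txt['errNoPassword']);}
    if ($email == "") {UhOh($txt['errNoEmail']);}
    if ($password != $password2) {UhOh($txt['errPasswordMismatch']);}
    if ((strlen($username) > 25) || (strlen($username) < 4)) {UhOh($txt['errUsernameLength']);}
    if ((strlen($password) > 15) || (strlen($password) < 4)) {UhOh($txt['errPasswordLength']);}
    if ((strlen($email) > 50) || (strlen($email) < 5)) {UhOh($txt['errEmailLength']);}
    if (!preg_match('/^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\.[a-z]{2,3}$/iD', $email)) {UhOh($txt['errInvalidEmail']);}
    if (HasSpecialChar($username)) {UhOh($txt['errUsernameFormat']);}
    if (HasSpecialChar($password)) {UhOh($txt['errBadPassword']);}

    // Undo magic_quotes_gpc (when active) before driver escaping so the
    // comparison uses the value the user typed, escaped exactly once.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sqlUsername = mysql_real_escape_string($magicQuotes ? stripslashes($username) : $username);
    $sqlEmail = mysql_real_escape_string($magicQuotes ? stripslashes($email) : $email);

    $result = mysql_query("SELECT count(*) from t_users WHERE UserName ='".$sqlUsername."'");
    if (!$result) {
        UhOh(mysql_error());
    } else {
        $row = mysql_fetch_row($result);
        if ($row[0] >= 1) {UhOh($txt['errUsernameTaken']);}
    }

    $result = mysql_query("SELECT count(*) from t_users WHERE Email ='".$sqlEmail."'");
    if (!$result) {
        UhOh(mysql_error());
    } else {
        $row = mysql_fetch_row($result);
        if ($row[0] >= 1) {UhOh($txt['errEmailTaken']);}
    }
}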
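/**
 * Apply the submitted profile changes for the authenticated user.
 *
 * ParseEditProfForm() verifies the current password and validates the form.
 * The row is then located through GrabUserInfo($username) and updated by ID.
 * The Password column is only touched when a new password was submitted.
 * On success the login cookie is refreshed before any page output.
 *
 * Security notes:
 *  - Every value placed in the UPDATE is escaped with
 *    mysql_real_escape_string(). htmlspecialchars() does not make a value safe
 *    for SQL, and $timezone previously reached the query unprocessed.
 *  - NOTE(review): the new password is stored as submitted (HTML-encoded
 *    only), not hashed.
 *  - NOTE(review): when no new password was submitted, CookieStuff() receives
 *    an empty password. Confirm that helper keeps the existing login in that
 *    case.
 */
function EditProfile()
{
    global $username,$password,$newpassword,$email,$homepage,$icqnumber,$aolhandle,$yahoohandle,$signature,$savepass,$txt,$timezone;

    ParseEditProfForm();
    $UserInfo = GrabUserInfo($username);
    $ID = $UserInfo['ID'];

    // Keep the submitted signature: the global is still run through
    // addslashes() (unchanged side effect), while the query uses a
    // driver-escaped copy so the stored text is the same as before.
    $rawSignature = $signature;

    $newpassword = htmlspecialchars($newpassword);
    $email = htmlspecialchars($email);
    $homepage = htmlspecialchars($homepage);
    $icqnumber = htmlspecialchars($icqnumber);
    $aolhandle = htmlspecialchars($aolhandle);
    $yahoohandle = htmlspecialchars($yahoohandle);
    $signature = addslashes($signature);
    $savepass = htmlspecialchars($savepass);

    // Undo magic_quotes_gpc (when active) before driver escaping so values
    // are escaped exactly once.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sql = array(
        'newpassword' => $newpassword,
        'email' => $email,
        'homepage' => $homepage,
        'icqnumber' => $icqnumber,
        'yahoohandle' => $yahoohandle,
        'aolhandle' => $aolhandle,
        'savepass' => $savepass,
        'timezone' => $timezone
    );
    foreach ($sql as $field => $value) {
        if ($magicQuotes) {
            $value = stripslashes($value);
        }
        $sql[$field] = mysql_real_escape_string($value);
    }
    $sql['signature'] = mysql_real_escape_string($rawSignature);

    // Build the SET list once; Password is included only when changing it.
    $assignments = array();
    if ($newpassword) {
        $assignments[] = "Password='".$sql['newpassword']."'";
    }
    $assignments[] = "Email='".$sql['email']."'";
    $assignments[] = "Homepage='".$sql['homepage']."'";
    $assignments[] = "ICQNumber='".$sql['icqnumber']."'";
    $assignments[] = "YahooHandle='".$sql['yahoohandle']."'";
    $assignments[] = "AOLHandle='".$sql['aolhandle']."'";
    $assignments[] = "Signature='".$sql['signature']."'";
    $assignments[] = "SavePass='".$sql['savepass']."'";
    $assignments[] = "timezone='".$sql['timezone']."'";

    // $ID comes from the database, not the request, so it is escaped without
    // the magic-quotes step.
    $query = "UPDATE t_users SET ".implode(',', $assignments)." WHERE ID = '".mysql_real_escape_string($ID)."'";

    $result = mysql_query($query);
    if ($result) {
        // Cookie first: it has to be sent before fHeader() produces output.
        CookieStuff(0,$username,$newpassword);
        fHeader();
        echo $txt['ProfileEdited'];
    } else {
        fHeader();
        UhOh(mysql_error());
    }
}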
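/**
 * Authenticate the user and validate the edit-profile form held in globals.
 *
 * The current password is checked with CheckPassword() first. The e-mail
 * address is validated, as are the optional new password and its
 * confirmation. Failures are reported through UhOh() after fHeader(),
 * because the dispatcher does not print the header for this action.
 *
 * Fixes in this version:
 *  - The empty-e-mail message used a bare word (errNoEmail) instead of
 *    $txt['errNoEmail'].
 *  - The uniqueness check counted all rows with the address and rejected only
 *    at two or more, so a user could take an address already held by one
 *    other account. It now counts rows belonging to other users and reports
 *    errEmailTaken rather than errUsernameTaken.
 *  - Two failure paths did not print the page header before the error.
 *  - eregi() is replaced by preg_match() with the same pattern. The ereg
 *    family is not binary-safe, and the D modifier keeps "$" from matching
 *    before a trailing newline.
 *  - Values used in SQL are escaped with mysql_real_escape_string(), and a
 *    failed query is reported.
 */
function ParseEditProfForm()
{
    global $username,$password,$newpassword,$newpassword2,$email,$txt;

    if (CheckPassword($username,$password) != 1)
    {fHeader();UhOh($txt['errInvalidUser']);}
    if ($email == "") {fHeader();UhOh($txt['errNoEmail']);}
    if (($newpassword) || ($newpassword2))
    {
        if ($newpassword != $newpassword2) {fHeader();UhOh($txt['errPasswordMismatch2']);}
        if ((strlen($newpassword) > 15) || (strlen($newpassword) < 4)) {fHeader();UhOh($txt['errPasswordLength']);}
        if (HasSpecialChar($newpassword)) {fHeader();UhOh($txt['errBadPassword']);}
    }
    if ((strlen($email) > 50) || (strlen($email) < 4)) {fHeader();UhOh($txt['errEmailLength']);}
    if (!preg_match('/^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\.[a-z]{2,3}$/iD', $email)) {fHeader();UhOh($txt['errInvalidEmail']);}

    // Undo magic_quotes_gpc (when active) before driver escaping so values
    // are escaped exactly once.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sqlEmail = mysql_real_escape_string($magicQuotes ? stripslashes($email) : $email);
    $sqlUsername = mysql_real_escape_string($magicQuotes ? stripslashes($username) : $username);

    // Is the address already registered to somebody else?
    $query = "SELECT count(*) from t_users WHERE Email ='".$sqlEmail."' AND UserName <> '".$sqlUsername."'";
    $result = mysql_query($query);
    if (!$result) {
        fHeader();
        UhOh(mysql_error());
    } else {
        $row = mysql_fetch_row($result);
        if ($row[0] >= 1) {fHeader();UhOh($txt['errEmailTaken']);}
    }
}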
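/**
 * Log a user in and send them back to the page they came from.
 *
 * Username and password are rejected when HasSpecialChar() flags them, then
 * verified with CheckPassword(). On success the login cookie is set for
 * 30240000 seconds (350 days) when the account's SavePass is 'yes', otherwise
 * with expiry 0. LastActive is updated and the user is redirected to $url.
 *
 * Fixes in this version:
 *  - The LastActive UPDATE matched the user with LIKE, so a name containing
 *    the wildcards "%" or "_" could update other accounts' rows. It now uses
 *    "=", the same as the SELECT above it.
 *  - CheckPassword() is compared with 1, as the other callers in this file
 *    do, instead of being tested for truthiness.
 *  - The username is escaped with mysql_real_escape_string() before it is
 *    placed in SQL, and a failed SavePass lookup is treated as "no".
 *
 * NOTE(review): CookieStuff() receives the password itself, which suggests
 * the cookie carries the credential; confirm, and prefer a random session
 * identifier. $url is taken from a global and passed to Redirect() without
 * validation; if it can be set from the request, restrict it to this forum's
 * own URLs.
 */
function Login()
{
    global $username,$password,$url,$txt;

    if (HasSpecialChar($username)) {fHeader();UhOh($txt['errInvalidUser']);}
    if (HasSpecialChar($password)) {fHeader();UhOh($txt['errInvalidUser']);}

    if (CheckPassword($username,$password) == 1)
    {
        // Undo magic_quotes_gpc (when active) before driver escaping so the
        // value is escaped exactly once.
        $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        $sqlUsername = mysql_real_escape_string($magicQuotes ? stripslashes($username) : $username);

        $result = mysql_query("SELECT SavePass from t_users WHERE UserName = '".$sqlUsername."'");
        $row = $result ? mysql_fetch_row($result) : false;
        if ($row && $row[0] == 'yes') {
            CookieStuff(time()+30240000,$username,$password);
        } else {
            CookieStuff(0,$username,$password);
        }

        $now = time();
        $query = "UPDATE t_users SET LastActive=$now WHERE UserName = '".$sqlUsername."'";
        mysql_query($query) || die("Can't update user info. Reason: ".mysql_error());
        Redirect("Login success! You're now being redirected to the location you were at. If you don't want to wait, please click here",$url);
    }
    else
    {
        fHeader();
        UhOh($txt['errInvalidUser']);
    }
}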
/**
 * Log the current user out.
 *
 * Replaces the login cookie with the "Guest" identity and an empty password
 * (expiry 0), then redirects to $url.
 *
 * NOTE(review): $url is read from a global and handed to Redirect() as is;
 * confirm it cannot be pointed at an external site.
 */
function Logout()
{
    global $url;

    $notice = "Logout success! You're now being redirected to the location you were at. If you don't want to wait, please click here";

    CookieStuff(0, "Guest", "");
    Redirect($notice, $url);
}
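/**
 * Send an e-mail from one forum member to another.
 *
 * The sender must pass CheckPassword(). The recipient is named by forum
 * username in $Destination and resolved to an address with GrabUserInfo().
 * After sending, the sender is redirected to their profile page.
 *
 * Fixes in this version:
 *  - The username length and format checks reported password messages. They
 *    now use errUsernameLength and errUsernameFormat.
 *  - CR and LF are removed from the subject and from the name/address parts
 *    placed in mail headers, so a submitted value cannot add extra header
 *    lines to the outgoing message.
 *  - Processing stops after a failed authentication or an unknown recipient,
 *    even if UhOh() returns.
 *  - The username is escaped with mysql_real_escape_string() before it is
 *    placed in SQL, and the duplicate second execution of the SELECT is
 *    removed.
 *
 * NOTE(review): the login cookie is refreshed with the Password column value,
 * which suggests the stored password is recoverable and travels in the cookie.
 */
function SendMail()
{
    global $fSettings,$Action,$username,$password,$subject,$message,$TopicID,$Destination,$txt;

    if ($username == "") {fHeader();UhOh($txt['errNeedUsername']);}
    if ($message == "") {fHeader();UhOh($txt['errEmptyMessage']);}
    if ($Destination == "") {fHeader();UhOh($txt['errNoRecipient']);}
    if ((strlen($username) > 25) || (strlen($username) < 4)) {fHeader();UhOh($txt['errUsernameLength']);}
    if ((strlen($Destination) > 25) || (strlen($Destination) < 4)) {fHeader();UhOh($txt['errBadDestEmail']);}
    if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);}
    if (HasSpecialChar($Destination)) {fHeader();UhOh($txt['errBadDestEmail']);}

    if (CheckPassword($username,$password) != 1)
    {
        fHeader();
        UhOh($txt['errInvalidUser']);
        // Never fall through to mail() for an unauthenticated sender.
        return;
    }

    // Undo magic_quotes_gpc (when active) before driver escaping so the value
    // is escaped exactly once.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sqlUsername = mysql_real_escape_string($magicQuotes ? stripslashes($username) : $username);

    $query = "SELECT Password,SavePass from t_users WHERE UserName = '".$sqlUsername."'";
    $result = mysql_query($query);
    $row = $result ? mysql_fetch_array($result) : false;
    if ($row) {
        if ($row["SavePass"] == 'yes') {
            CookieStuff(time()+30240000,$username,$row["Password"]);
        } else {
            CookieStuff(0,$username,$row["Password"]);
        }
    }

    $lineBreaks = array("\r", "\n");

    $subject = htmlspecialchars($subject);
    $subject = stripslashes($subject);
    // The subject becomes a header line, so it must stay on one line.
    $subject = str_replace($lineBreaks, ' ', $subject);
    $message = stripslashes($message);

    $FromUser = GrabUserInfo($username);
    $ToUser = GrabUserInfo($Destination);
    if (!$ToUser || empty($ToUser["Email"]))
    {
        // No such member, or no address on file: nothing to send to.
        fHeader();
        UhOh($txt['errNoRecipient']);
        return;
    }

    $to = str_replace($lineBreaks, '', $ToUser["UserName"]." <".$ToUser["Email"].">");
    $from = str_replace($lineBreaks, '', $FromUser["UserName"]." <".$FromUser["Email"].">");
    mail($to, $subject, $message, "From: ".$from);

    $prevlink = $fSettings["ScriptURL"]."/member.php4?Action=viewprofile&username=".rawurlencode($username);
    Redirect("Your email has been sent. You're now being redirected to the location you were at. If you don't want to wait, please click here",$prevlink);
}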
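/**
 * Handle the lost-password form: mail the account's password to the address
 * on file and redirect to the forum index.
 *
 * Fixes in this version:
 *  - The username is escaped with mysql_real_escape_string() before it is
 *    placed in SQL, and a failed query is treated the same as "no such user".
 *  - Processing stops when the user is not found, even if UhOh() returns, so
 *    no message with an empty password is sent.
 *  - CR and LF are removed from the recipient name/address before they are
 *    used as a mail header.
 *
 * NOTE(review): this design mails the stored password in clear text, and the
 * request needs only a username. That follows from passwords being stored
 * recoverably. The usual remedy is a salted one-way hash plus a single-use,
 * expiring reset link, which needs schema and CheckPassword() changes outside
 * this function. The differing response for unknown usernames also reveals
 * which names are registered.
 */
function SendPassword()
{
    global $fSettings,$username,$txt;

    if ($username == "") {fHeader();UhOh($txt['errNoUsername']);}
    if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);}

    // Undo magic_quotes_gpc (when active) before driver escaping so the value
    // is escaped exactly once.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sqlUsername = mysql_real_escape_string($magicQuotes ? stripslashes($username) : $username);

    $result = mysql_query("SELECT Password from t_users WHERE UserName = '".$sqlUsername."'");
    $row = $result ? mysql_fetch_array($result) : false;
    if (!$row)
    {
        fHeader();
        UhOh($txt['errInvalidUser']);
        return;
    }

    $subject = "tForum Password Retrieval";
    $message = "You or someone else has filled out the lost password form for tForum at: ".$fSettings["ScriptURL"]."/index.php4.\n\nYour password is: ".$row["Password"];

    $ToUser = GrabUserInfo($username);
    $to = str_replace(array("\r", "\n"), '', $ToUser["UserName"]." <".$ToUser["Email"].">");
    mail($to, $subject, $message, "From: tForum Admin <".$fSettings["Email"].">");

    $prevlink = $fSettings["ScriptURL"]."/index.php4";
    Redirect("Your password has been sent. You're now being redirected to the main forum. If you don't want to wait, please click here",$prevlink);
}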
// Request dispatcher: $Action selects which member operation runs.
// Actions that set cookies or redirect (Login, Logout, editprofile2, SendMail,
// SendPassword) are called without fHeader() first; the form and view pages
// are wrapped in fHeader()/fFooter().
// NOTE(review): the state-changing actions are chosen by a request parameter
// and no anti-forgery token is visible in this file. Confirm the handlers or
// the included helpers verify that the request came from the forum's own
// forms.
$Action = empty($Action) ? "" : $Action;

if ($Action == "Register") {
    fHeader();
    PrintRegForm();
    fFooter();
} elseif ($Action == "AddMember") {
    fHeader();
    AddMember();
    fFooter();
} elseif ($Action == "Login") {
    Login();
} elseif ($Action == "Logout") {
    Logout();
} elseif ($Action == "viewprofile") {
    fHeader();
    ViewProfile();
    fFooter();
} elseif ($Action == "editprofile") {
    fHeader();
    PrintEditProfile();
    fFooter();
} elseif ($Action == "editprofile2") {
    // EditProfile() prints the header itself, after the cookie is set.
    EditProfile();
    fFooter();
} elseif ($Action == "email") {
    fHeader();
    PrintMailForm();
    fFooter();
} elseif ($Action == "SendMail") {
    SendMail();
} elseif ($Action == "lostpassword") {
    fHeader();
    PrintSendPasswordForm();
    fFooter();
} elseif ($Action == "SendPassword") {
    SendPassword();
} else {
    fHeader();
    UhOh("Nothing specified!");
}
?>